Computer Security & Safety Ethics and Privacy

Discuss techniques to prevent unauthorized computer access and use Objectives Overview Define the term, digital security risks, and briefly describe the types of cybercriminals Describe various types of Internet and network attacks, and explain ways to safeguard against these attacks Discuss techniques to prevent unauthorized computer access and use Explain the ways that software manufacturers protect against software piracy Discuss how encryption, digital signatures, and digital certificates work Discovering Computers 2014: Chapter 5

Objectives Overview Identify safeguards against hardware theft, vandalism, and failure Explain the options available for backing up Identify risks and safeguards associated with wireless communications Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing Discuss issues surrounding information privacy Discovering Computers 2014: Chapter 5 for Detailed Objectives See Page 202

Digital Security Risks A digital security risk is any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability Any illegal act involving the use of a computer or related devices generally is referred to as a computer crime. A cybercrime is an online or Internet-based illegal act. Software used by cybercriminals is called crimeware. While some breaches to computer security are accidental, many are intentional. Some intruders do not damage, they merely access data, information, or programs on the computer before logging off. Other intruders indicate some evidence of their presence either by leaving a message or by deliberately altering or damaging data. Discovering Computers 2014: Chapter 5

Cybercrime is one of the FBI’s top three priorities

Perpetrators Hacker Cracker Script kiddie Corporate spies Unethical employees Cyberextortionist Cyberterrorist Discovering Computers 2014: Chapter 5 Page 204

Hacker Originally a complimentary word for a computer enthusiast, now has a derogatory meaning Refers to someone who accesses a computer or network illegally. Some hacker claim the intent of their security breaches is to improve security.

Cracker Also is someone who accesses a computer or network illegally, but has the intent of destroying data, stealing information, or other malicious action. Both Hackers and Crackers have advanced computer and network skills

Script Kiddie Has the same intent as a cracker but does not have the technical skills and knowledge. Script Kiddies often use prewritten hacking and cracking programs to break into computers

Corporate Spy Have excellent computer and networking skills and are hired to break into a specific computer and steal data and information Or could be hired to identify security risks in their own organization. Unscrupulous companies hire corporate spies, a practice know as corporate espionage to gain a competitive advantage.

Unethical Employees Break into employer’s computers for a variety of reasons Exploit a security weakness Seek financial gain – sell confidential information Disgruntled employees may want revenge

Cyberextortionist Someone who uses email as a vehicle for extortion. Send an organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, of launch an attack on their networt… if they are not paid a sum of money.

Cyberterrorist Uses the internet or network to destroy or damage computers for political reasons. Might target the nation’s air traffic control system, energy – generating companies, or a telecommunications infrastructure. Cyberwarfare describes an attack whose goal ranges from disabling a government’s computer network to crippling a country. Cyberterrorism and cyberwarfare require highly skilled individuals, millions of dollars, and a few years of planning.

Digital Security Risks

Internet and Network Attacks Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises Malware, short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices Table 5-1 Pages 204 - 205 Discovering Computers 2014: Chapter 5

Internet and Network Attacks To determine whether your computer if vulnerable to an Internet or Network attack. You could use an online security service. An online security service is a web site that evaluates your computer to check for vulnerabilities. Then it provides recommendations of how to address them. Popular Online Security Services for PC Audit my PC McAfee FreeScan Symantec Security Check Trend Micro House Call Discovering Computers 2014: Chapter 5

Internet and Network Attacks virus worm Trojan Horse Rootkit Every unprotected computer is susceptible to this first type of security risk

Virus Potentially damaging computer program that affect, or infects a computer negatively by altering the way the computer works without the user’s knowledge or permission Once the virus infects the computer, it can spread throughout and may damage files and system software, including the operating system.

Worm Program that copies itself repeatedly, or example in memory or on a network, using up resources and possibly shutting down the computer or network.

Trojan Horse (named after the Greek Myth) Program that hides within or looks like a legitimate program. A certain condition or action usually triggers the Trojan Horse. Unlike a virus or worm, a Trojan horse does NOT replicate itself to other computers

Rootkit Program that hides in a computer and allows someone from a remote location take full control of the computer Once installed, the author can execute program, change setting, monitor activity, and access files. Although rootkits can have legitimate uses, such as law enforcement, their use for in illegal activities is growing rapidly.

Malware Short for malicious software Computer Viruses, worms, Trojan horses, and rootkits – act without users knowledge Others are backdoors and spyware – later Some malware is combination of two or more classes MyDoom and Blaster are worms Melissa has elements of virus, worm and Trojan Horse

Payload The destructive event or prank the program is intended to deliver. Symptoms – Operating System runs much slower than usual Available memory is less than expected Files become corrupted Screen displays unusual message or image Music or unusual sound plays randomly. Existing programs and file disappear Programs or files do not work properly Unknown files or programs mysteriously appear System properties change Operating System does not start up Operating System shuts down unexpectedly

Payload Malware delivers its payload on a computer in a variety of ways… When user opens an infected file, Runs an infected program Starts (boots) the computer with an infected removable media inserted in a a drive or plugged in a port. Connect an unprotected computer to a network When a particular event occur (clock changing to a specific date.

Discovering Computers 2014: Chapter 5 Figure 5-2 Page 205

Safeguards Checking latest virus statistics: http://home.mcafee.com/virusinfo Media sharing – Over half a million people download viruses No guarantee exists Don’t start computer with media in drives Never open email attachment unless you know the sender – delete email Carefully check spelling email that looks likes a trusted sourse.

Safeguards Some viruses are hidden in MACROS – instructions saved in software such as word processing or spreadsheets. – In programs that allow macros, you should set the macro security level so that the application software warns the user that the document they are trying to open contains macros. Only allow from a trusted source. INSTALL AN ANTIVIRUS PROGRAM AND UPDATE IT FREQUENTLY. Identifies and remove any computer viruses found in memory, on storage media, or incoming files. Most antivirus programs protect against other malware. They also check for programs that try to modify the boot program.

How do Virus Programs Work? Look for virus signature (also called a virus definition) – a known specific pattern of virus code. – update your antivirus program’s signature files regularly. Protects against viruses written since the virus program was released or updates. AUTOMATIC UPDATE. (ONCE A WEEK) Inoculate existing program files. Records size and creation date in separate inoculation file, checks for changes. When virus is detected, it attempts to remove the infection, quarantines it into a separate place on hard drive until it can be removed – so other files will be not be infected. Users can quarantine files. May need to reformat your hard drive – important to have BACK UP. Firewalls will be discussed later.

Internet and Network Attacks A botnet is a group of compromised computers or mobile devices connected to a network A compromised computer or device is known as a zombie A denial of service attack (DoS attack) disrupts computer access to Internet services Distributed DoS (DDoS) A back door is a program or set of instructions in a program that allow users to bypass security controls Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate Discovering Computers 2014: Chapter 5 Pages 206 - 207